This exam is intended only for those candidates who have taken Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions. If you have not taken Exam 533, you will not earn a certification by taking this exam.https://www.microsoft.com/en-us/learning/exam-az-102.aspx
The transition exam is intended for people who have already demonstrated skills in the content domain by passing the existing exam(s) that the new role-based certification exams will be replacing. They cover the delta between the current certification and what we expect people who earn the new certification to be able to do. We don’t want to retest people on the same content where they have already demonstrated competence by passing the existing exam.

Transition exams cover net new content, content that wasn’t covered in enough depth, and content on aspects of the technology that have likely changed since someone took the exam. As a result, the transition exam is not shorter than a typical exam but more focused on the key tasks and skills that were not assessed in the existing exam or certification that is being replaced.

Candidates for this exam are Azure Administrators who manage cloud services that span storage, security, networking, and compute cloud capabilities. Candidates have a deep understanding of each service across the full IT lifecycle, and take requests for infrastructure services, applications, and environments. They make recommendations on services to use for optimal performance and scale, as well as provision, size, monitor, and adjust resources as appropriate.

Complete Microsoft Azure AZ-102 exam dumps and free az-102 PDF download online
QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1.
Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the Logic App Operator role to the Developers group.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
The Logic App Operator role only lets you read, enable and disable logic app. With it you can view the logic app and run
history, and enable/disable. Cannot edit or update the definition.
You would need the Logic App Contributor role.
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app

QUESTION 2
You plan to deploy an application getaway named appgw1015 to load balance IP traffic to the Azure virtual machines
connected to subnet0.
You need to configure a virtual network named VNET1015 to support the planned application gateway.
What should you do from the Azure portal?
A. Check the answer in explanantion.
Correct Answer: A
See explanation below.
Step 1:
Click Networking, Virtual Network, and select VNET1015.
Step 2:
Click Subnets, and Click +Add on the VNET1015 – Subnets pane that appears.
Step 3:
On the Subnets page, click +Gateway subnet at the top to open the Add subnet page.
Step 4:
Locate subnet0 and add it.
References:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

QUESTION 3
You need to recommend an identify solution that meets the technical requirements. What should you recommend?
A. federated single-on (SSO) and Active Directory Federation Services (AD FS)
B. password hash synchronization and single sign-on (SSO)
C. cloud-only user accounts
D. Pass-through Authentication and single sign-on (SSO)
Correct Answer: A
Active Directory Federation Services is a feature and web service in the Windows Server Operating System that allows
sharing of identity information outside a company\\’s network.
Scenario: Technical Requirements include:
Prevent user passwords or hashes of passwords from being stored in Azure.
References:https://www.sherweb.com/blog/active-directory-federation-services/

QUESTION 4
You have a virtual network named VNet1 as shown in the exhibit.
No devices are connected to VNet1.
You plan to peer VNet1 to another virtual network named Vnet2 in the same region. VNet2 has an address space of
10.2.0.0/16.
You need to create the peering.
What should you do first?
A. Modify the address space of VNet1.
B. Configure a service endpoint on VNet2
C. Add a gateway subnet to VNet1.
D. Create a subnet on VNet1 and VNet2.
Correct Answer: A
The virtual networks you peer must have non-overlapping IP address spaces.
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering#requirements-and-constraints

QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource
groups.
Another administrator plans to create several network security groups (NSGs) in the subscription.
You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You assign a built-in policy definition to the subscription.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Use a custom policy definition.